<?php
namespace Admin\Controller;
use Common\Controller\BaseController;

class LoginController extends BaseController {

	public function index(){
    	$this->display();	
    }



    function check_verify($code, $id = ''){
		$verify = new \Think\Verify();
		return $verify->check($code, $id);
	}



    //用户验证

	public function checkLogin() {



		$username = I('post.username');

		$password = I('post.password');

		$checkcode = I('post.checkcode');



		if ($username=='' || empty($username)) {

			$state = 'Please enter username';

			echo $this->echo_json_str($state,$message,$url);die;



		}

		elseif ($password=='' || empty($password)) {

			$state = 'Please enter a password';

			echo $this->echo_json_str($state,$message,$url);die;

		}

		elseif ($checkcode=='' || empty($checkcode)) {

			$state = 'Please enter a verify code';

			echo $this->echo_json_str($state,$message,$url);die;

		}



		if (!$this->check_verify($checkcode)) {

			$state = 'Verification code error';

			echo $this->echo_json_str($state,$message,$url);die;

		}



        //生成认证条件

        $map = array();

        // 支持使用绑定帐号登录

        $map['username'] = $username;

        $authInfo = \Org\Util\Rbac::authenticate($map);

        //使用用户名、密码和状态的方式进行认证

        if (!$authInfo) {

            $state = 'Account does not exist or has been disabled.';

            echo $this->echo_json_str($state,$message,$url);die;

        } else {

            if ($authInfo['password'] != md5($_POST['password'])) {

                $state = 'Password error';

            	echo $this->echo_json_str($state,$message,$url);die;

            }

            $_SESSION[C('USER_AUTH_KEY')] = $authInfo['id'];

            if ($authInfo['username'] == 'admin') {

                $_SESSION['administrator'] = true;

            }



            $admin = M('Admin');

			$list = $admin->where("username='$username'")->find();

            setcookie('adminName',$list['username']);

			setcookie('adminGroup',$list['group']);

			setcookie('adminID',$list['id']);

			setcookie('adminFlag','alex1937818');



            //保存登录信息

			$log = M('AdminLog');

			$date['uid'] = $list['id'];

			$date['loginTime'] = time();

			$date['loginIP'] = get_client_ip();

			$list = $log->add($date);



			$_SESSION['adminName'] = $authInfo['username'];

			$_SESSION['adminFlag'] = 'alex1937818';



            // 缓存访问权限

            \Org\Util\Rbac::saveAccessList();

            $state = 'SUCCESS';

            $message = 'Login success';

			$url = U('Index/index');

			echo $this->echo_json_str($state,$message,$url);die;

        }		



	}



	function exitSystem(){



		if (isset($_SESSION[C('USER_AUTH_KEY')])) {

            unset($_SESSION[C('USER_AUTH_KEY')]);

            unset($_SESSION['menu' . $_SESSION[C('USER_AUTH_KEY')]]);

            unset($_SESSION);

            session_destroy();

            setcookie('adminName','',time()-3600);

			setcookie('adminGroup','',time()-3600);

			setcookie('adminID','',time()-3600);

			setcookie('adminFlag','',time()-3600);

			$this->success('Exit successfully',U('Login/index'));

        } else {

            $this->error('Exit failure...');

        }			

	}


    

}